Society For Risk Analysis Annual Meeting 2017

Session Schedule & Abstracts


* Disclaimer: All presentations represent the views of the authors, and not the organizations that support their research. Please apply the standard disclaimer that any opinions, findings, and conclusions or recommendations in abstracts, posters, and presentations at the meeting are those of the authors and do not necessarily reflect the views of any other organization or agency. Meeting attendees and authors should be aware that this disclaimer is intended to apply to all abstracts contained in this document. Authors who wish to emphasize this disclaimer should do so in their presentation or poster. In an effort to make the abstracts as concise as possible and easy for meeting participants to read, the abstracts have been formatted such that they exclude references to papers, affiliations, and/or funding sources. Authors who wish to provide attendees with this information should do so in their presentation or poster.

Common abbreviations

W1-E
Emerging Threats and Deterence

Room: Salon E   8:30 am–10:00 am

Chair(s): Steve Streetman   stevestreetman@gmail.com

Sponsored by Security and Defense Specialty Group



W1-E.1  8:30 am  HAZOP Based Emerging-Technology Scenario Hazard Screening. Barrett AM*; ABS Consulting and GCR Institute   abarrett@absconsulting.com

Abstract: New technologies can increase the effective capabilities of terrorists and other adversaries to cause harm. Detailed risk analysis of all imaginable technology-use scenarios would be infeasible, but not all scenarios merit in-depth assessment. We adapt Hazard and Operability, or HAZOP analyses as a tractable means of prioritizing scenarios for more in-depth analysis. In the HAZOP based approach, the types of effects that emerging technologies might generate that would be of interest to adversaries are established, then relevant technologies are identified and assessed according to the degree of hazard they pose. We provide illustrative examples.

W1-E.2  8:50 am  Improving Complex Security Risk Analysis with Computational Creativity. Crowther KG*; MITRE Corporation   kcrowther@mitre.org

Abstract: Many strategic security initiatives call for capabilities to manage "emerging risks" or "evolutionary risks." However, existing risk analyses in the security and defense domains have failed to apply modern methods for improved anticipation of emergent risks - resulting in many risk assessments being a paper exercises that provide little value to discriminating countermeasures for improved security, defense, and resilience. This presentation reviews and evaluates methods for modernizing risk assessment for application to security and defense challenges where there are complex, dynamic systems with adaptive adversaries. It particularly focuses on the application of computational creativity to risk analytics in the security and defense domains. Computational creativity is the process of traversing multiple data sets to find attacks and/or mitigations that are both novel (non-traditional or outside of the scope of "typical" design") and valuable (consistent with historical evidence or could have significant impact). This presentation will summarize the results of several experiments to test computational creativity algorithms within the scope of several government security and defense problems (including vehicle-borne attacks, use and defeat of explosives, and ransomware). The final part of the presentation provide a research pathway by which this area could provide a methodology to monitor for the emergence of low-probability, high-impact events in the security and defense arena where business and protection systems are complex and dynamic, and adversaries are adapting.

W1-E.3  9:10 am  Deterrence or Deflection? Gauging Perceptions of Defensive Deterrence and Target Substitutability . Davenport C*, Smith DS; University of Maryland   cdavenpo@umd.edu

Abstract: The extent to which a defensive implement has a deterrent impact depends, in part, on how adversary success is defined; deterrence measures in one specific city may have a deterrent impact but, this may mean little for national security writ large if an adversary simply opts to attack another major city instead. This facet of the adversary’s decision-making process, which involves substitutability of targets, highlights the importance of deflective versus deterrent effects. No experimental research investigates the role of risk perception in willingness to carry out a terror attack against a particular target, much less multiple potential targets within a country. A survey/experiment was conducted in which respondents were asked to role-play as a cult organization seeking to carry out a dirty bomb attack against one of five potential U.S. cities with knowledge of a bomb-detection network present in some or all of those five cities. Data were collected through a web-based survey experiment with participants randomly assigned to one of twelve experimental conditions. Following the experimental manipulation, individuals answered questions pertaining to the main dependent variables of interest. Specifically, respondents were prompted to rate “secureness” and how likely they were to attack in general as well as in relation to specific cities. Respondents are also prompted to answer a series of questions gauging baseline risk aversion, political ideology, and various demographic attributes. An analysis reveals support for the notion that robust implementation of a defensive system in a limited number of potential target cities does not have an appreciable impact on perceptions of net security when implementation is uneven across potential targets and those targets are perceived as substitutable.

W1-E.4  9:30 am  Degree of Difficulty for Terrorist Attacks: an approach to improving likelihood assessment and evaluation of alternatives for decision making. Streetman SS*; Data Architecture Solutions, Inc.   stevestreetman@gmail.com

Abstract: Assessing the likelihood of terrorist attacks, especially potential attacks using weapons of mass destruction (WMD), poses substantial challenges for risk assessors attempting to prioritize defensive measures. One often overlooked component of the likelihood of an attack is its feasibility. Attacks that are substantially more difficult to successfully complete may be avoided in favor of attacks more likely to succeed. Even within the rarified area of WMD terrorism attacks, the difficulty of carrying out an attack varies widely among targets, material (chemical, biological, radiological, nuclear, explosives CBRNE) and dissemination approaches. It is relatively common to assess the vulnerability of a target to attack (and, essentially, the likelihood an attack will be defeated), but the difficulty of accomplishing the attack apart from defeating defensive measures is largely ignored even though the attack logistics may be as influential or more influential on selection than the vulnerability of the target to the attack. Assessing the relative degree of difficulty of a terrorist attack may, therefore, be a useful proxy for likelihood of selection and/or likelihood of a successful attack. Combining the degree of difficulty with an assessment of adversary capabilities may provide even better resolution of potential likelihood of attack. This presentation will propose a framework for estimating terrorism degree of difficulty and show how it can be incorporated into terrorism risk assessment and into evaluation of alternatives - including how the degree of difficulty may change based on changes in defensive measures.



[back to schedule]